Lucene search
+L

604 matches found

nvd
nvd
added 6 days ago8 views

CVE-2026-13710

The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget's 'sgbodydescription' parameter in versions up to, and including, 3.2.6. This is due to insufficient input...

6.4CVSS0.00206EPSS
Exploits0References8
attackerkb
attackerkb
added 6 days ago6 views

CVE-2026-13710

The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Box widget's 'sgbodydescription' parameter in versions up to, and including, 3.2.6. This is due to insufficient input...

6.4CVSS6.2AI score0.00206EPSS
Exploits0References9
redhatcve
redhatcve
added 2026/07/01 4:57 p.m.8 views

CVE-2026-53356

A flaw was found in the Linux kernel's drm/i915/gem component. This vulnerability occurs because the sgpage function incorrectly scales pread/pwrite operations for physical Buffer Objects BO when a non-zero offset is used. This can lead to incorrect memory access, potentially allowing an attacker...

5.8AI score0.00164EPSS
Exploits0References4
osv
osv
added 2026/06/30 8:21 a.m.5 views

SUSE-SU-2026:2689-1 Security update for sg3_utils

This update for sg3utils fixes the following issue Update to version 1.43+49.47792c16: - sginq: --export output conformance for SCSI name string and ATA fields bsc1267823...

5.8AI score
Exploits0References2
redhatcve
redhatcve
added 2026/06/29 8:19 a.m.5 views

CVE-2026-53304

A flaw was found in the Linux kernel's SCSI generic sg module. A local user could bypass the intended size restrictions for the defreservedsize module parameter. By setting this parameter to an invalid value and then attempting to open a SCSI generic device, the system can experience a soft locku...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References4
susecve
susecve
added 2026/06/28 1:8 a.m.6 views

SUSE CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.9AI score0.00101EPSS
Exploits0References3
nessus
nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be...

5.5CVSS6.1AI score0.00101EPSS
Exploits0References3
osv
osv
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References1
nvd
nvd
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS0.00101EPSS
Exploits0References8
osv
osv
added 2026/06/26 8:17 p.m.4 views

UBUNTU-CVE-2026-53304

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References11
osv
osv
added 2026/06/26 7:41 p.m.2 views

CVE-2026-53304 scsi: sg: Resolve soft lockup issue when opening /dev/sgX

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.5CVSS5.9AI score0.00101EPSS
Exploits0References11
euvd
euvd
added 2026/06/26 7:41 p.m.6 views

EUVD-2026-39839

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Resolve soft lockup issue when opening /dev/sgX The parameter defreservedsize defines the default buffer size reserved for each Sgfd and should be restricted to a range between 0 and 1,048,576 see...

5.9AI score0.00101EPSS
Exploits0References8
cve
cve
added 2026/06/26 7:41 p.m.15 views

CVE-2026-53304

CVE-2026-53304 affects the Linux kernel SCSI generic (sg) driver, specifically the def_reserved_size default buffer size for each /dev/sgX. The root cause is a bypass of sg_proc_write_dressz limits, allowing an invalid value to be written via the module parameter, which can trigger a soft lockup....

5.5CVSS5.9AI score0.00101EPSS
Exploits0References8Affected Software1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.9 views

PT-2026-52943

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A soft lockup occurs when opening /dev/sgX due to improper validation of the def reserved size module parameter. While the sg proc write dressz function enforces a size limit between 0 a...

5.5CVSS5.8AI score0.00101EPSS
Exploits0References21
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context The function sgfinishremreq calls blkrqunmapuser. The latter function may sleep. Therefore, call sgfinishremreq with interrupts enabled instead of disabled...

6AI score0.00175EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dmaunmapsg nents The dmaunmapsg functions should be called with the same nents as the dmamapsg, not with the value returned by the map function...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: bounds checks were added in nvmettcpbuildpduiovec. The nvmettcpbuildpduiovec function could exceed the range of cmd-req.sg when the length or offset of the PDU exceeds sgcnt. As a result, it might use bogus values f...

9.8CVSS5.8AI score0.00399EPSS
Exploits0References2
nvd
nvd
added 2026/06/08 5:16 p.m.17 views

CVE-2026-46312

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

5.5CVSS0.00114EPSS
Exploits0References5
cve
cve
added 2026/06/08 3:50 p.m.42 views

CVE-2026-46312

CVE-2026-46312 is a Linux kernel vulnerability involving media: videobuf2 where vb2_dma_sg_mmap did not set the VMA flags, potentially triggering a WARN_ON in drm_gem_mmap_obj() during mmap() of an imported dma-buf. The fix adds proper VMA flag handling in vb2_dma_sg_mmap_mmap (consistent with vb...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References5Affected Software1
cve
cve
added 2026/06/08 3:46 p.m.67 views

CVE-2026-46289

In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...

9.8CVSS5.4AI score0.00457EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder